To maintain a history of the performance of your
system. Studying this history could point out
potential failures long before they occur.
To provide a statistical basis for new equipment
requests. Management is more likely to purchase
new equipment if you can demonstrate that the
current equipment will not meet the companys
To enable you to tune your network for optimum
performance. This is especially true on larger
networks with more than one file server. In some
cases, you can provide a perceived increase in
throughput by simply transferring tasks from one
server to another.
Various network operating systems (NOSs) have
their own utility programs to monitor what processing is
taking place on their network. You can use these
programs to monitor the status of your network, and
some utilities give you the capability to monitor a
particular job request.
REVIEW AUDIT LOGS
The main importance of reviewing audit/event logs
is to monitor the security of the system. Besides, C2
Security compliance requires that the system be
monitored (audited) continuously. Whether it pertains
to the system what hardware was accessed, security
identify who logged on (logged-in), or application
what software was accessed; usage must be tracked.
The term auditing refers to the process of recording
events, such as file access, creations, deletions, the
addition of print jobs, and so on, and using that
information to detect usage violations or to confirm that
network procedures are operating correctly.
A network administrator, by using the audit logs,
can track what files were accessed, when they were
accessed (date and time), by whom, and even what
transactions were performed. Some logs even show you
if the transaction was or was not successful with some
type of message.
Equipment, the connections, and equipment
settings for a network comprise the network
configuration. The equipment refers to the hardware
(computers, peripherals, boards, and cables), but may
also include software under certain circumstances.
Because of equipment compatibility and
interoperability, a system administrator needs to know
considerable detail about all of the equipment that
comprises the network. This information may include
model numbers, memory specifications, enhancements,
and so on. This information must be maintained, or
conflicts between the equipment may occur. Most
networking systems include a utility for recording
system configuration information and updating it as the
net work changes.
Record the current settings for each component as
part of the configuration information. Avoid conflicts
when deciding on specific settings. A conflict can arise
because two boards want to use the same memory
location or interrupt.
System parameters must be verified prior to
installation and startup to avoid any conflicts. The
majority of the conflicts involve system interrupts. An
interrupt is a mechanism by which one computing
element, such as a modem or a program, can get the
attention of another elements. Interrupts may be
generated by hardware or software.
There are 16 interrupt request lines (IRQs) for
hardware interrupts in a PC environment. Each device
attached to a computer can have an IRQ assigned.
When the device wants service from the CPU, it signals
on this line and waits.
IRQs have different priority levels, and the higher
priority lines are assigned to the most important
functions on the PC. By responding to IRQs according
to their assigned priority, an operating system or
interrupt handler can ensure that no vital activities are
IRQ values for a device may be set through
software or by manually setting them through the use of
jumpers or DIP switches on the expansion board for the
device. When configuring devices, it is important that
you do not have two devices that use the same IRQ.
Executing programs also use interrupts to get
resources needed to perform some action. There are
software interrupts to access a monitor screen or disk
drive, to handle a keystroke or a mouse click, and so on.